Cyber Threat Intelligence Researcher
About Us:
SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!
What are we looking for?
Only the great. People who do epic things daily, who never give up on difficult questions. The ones with a strong passion for details. Those who find creative solutions, who are not afraid of trying and are willing to rewrite the good old playbooks.
Why us?
SentinelOne possesses an incomparable wealth of data and tools that allows us to be dominant explorers, researchers and thought leaders within the worldwide cyber security industry. Our research group, which focuses on advanced threat intelligence, innovative detection and platform targeted research, is home to many great minds who collaborate daily with innovation. As a part of our global growth, we are expanding our research activity from our Tel Aviv headquarters to more regions.
What will you do?
You will be responsible for investigating complicated cyber-attacks, searching for the fingerprints of some of the world's most sophisticated APTs and cyber-crime gangs. In your exploration and investigation, you will conduct forensic analysis, some malware research, attribution of tools and infrastructures, and extraction of IOCs. You will collaborate with other researchers, developers, and engineers to deliver insightful reports and innovative features to our products.
What experience and knowledge should you bring?
- B.A. / B.Sc or equivalent in a related field, such as computer science, data and information, political science.
- 5+ years of work experience related to the attack & malware ecosystem, highly familiar with one or more of the following:
- Classical threat intelligence (IOCs, hunting, reporting, visualization)
- Interdisciplinary research of threat actors and groups
- Malware research
- Incident response and digital forensics
- Extensive experience with common threat intelligence tools: VirusTotal, Censys/Shodan, MISP/other feed collections and TIPs, OSINT tools, creation and monitoring of YARA rules, standard analysis with MITRE ATT&CK.
- Proficiency with Python scripting and use of Python notebooks.
- Solid hands-on experience with data analysis tools with SQL as a primary tool.
- Clear expression and professional articulacy in English, written and spoken.
- Proven record of delivering threat intelligence reports, presentations, courses and webinars (if possible, please provide a link for reference).
- Ability and willingness to work in a multicultural environment.
- Creativity, clarity and challenge-embracing - must!
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.